<?php
function ListAllReview()
{
    global $dbsql,$language,$show_page;
    
    $sql_where  = " from tblreview where iStatus=1 and cLanguage='$language' ";
    $sql_select = "select count(iId) as count ".$sql_where;
    $result     = $dbsql->query_fetch($sql_select);
    list($lf,$la)= Split_Page($result['count']);
        
    $sql_select = "select cUrlString,cName,cFullName,cEmail,cComment ".$sql_where." order by iId desc limit $lf,$la";
    $rs         = $dbsql->query($sql_select);
    $rows       = $dbsql->num_rows($rs);
    if($rows==0)
    {
        return '<div class="notfound">'.getLang('Not found review').'</div>';
    }
    $html       = '<div id="ajaxPage">';
    while($result=$dbsql->fetch_array($rs))
    {
        $link   = getLinkReview($result['cUrlString']);
        $html  .= '<div class="listreview">';
        $html  .= '<a class="ttl" href="'.echoLink($link,false).'">'.$result['cName'].'</a>';
        $html  .= '<div class="msg">'.strSplitSub($result['cComment'],50).'</div>';
        $html  .= '<div class="more">&raquo; <a href="'.echoLink($link,false).'">'.getLang('read more').'</a></div>';
        $html  .= '</div>';
    }  
    $html   .= $show_page;
    $html   .= '</div>';
    return $html;
}

function getLinkReview($url)
{
    return getUrlCatByType('review').'/'.$url.'.htm';
}

function ListNewReview($limit=5)
{
    global $dbsql,$language;
    
    $sql_select = "select * from tblreview where iStatus=1 and 
                cLanguage='$language' order by iId desc limit $limit";
    return $dbsql->load($sql_select);    
}

function InsertReview()
{
     global $dbsql,$language;
          
    ImportClass('captcha');
    if (PhpCaptcha::Validate($_POST['SpamCode'])==false)
    {
         AjaxTransfer('spam',getLang('Please enter the correct security code!'));
    }
    
	$ip              = $_SERVER['REMOTE_ADDR'];
	$postdate        = date("Y/m/d");
    
    //Personal Details
	$FullName   = gpc_getStringPost('Name');
	$Email		= gpc_getStringPost('Email');
    $Subject    = gpc_getStringPost('Subject');
    $Message    = gpc_getStringPost('Message');
    $Message    = str_replace("\n"," <br>",$Message);    
    $url        = gpc_trimUrl($Subject.'-'.$Name);
    
    ImportClass('account');
    if(!isValidEmail($Email))
    {
        AjaxTransfer('err',getLang('Please enter validate email'));
    }
    $emailconfig       = @getConfigEmail('ReviewEmail');
    
    if($emailconfig==false)
    {
        AjaxTransfer('config','Email not config.please contact to admin');
    }
    
    $sql_insert = "INSERT INTO tblreview
	   (cUrlString,cName,cEmail,cFullName,cComment,iStatus,dPostDate,cLanguage) 
	VALUES 
	('$url','$Subject','$Email','$FullName','$Message','0','$postdate','$language')";
	
	$dbsql->query($sql_insert);	
    
    $subject                = $emailconfig->title;
    $subject                = str_ireplace('{NAME}',$FullName,$subject);
    $emailconfig->content   = str_ireplace('{NAME}',$FullName,$emailconfig->content);
    $emailconfig->content   = str_ireplace('{EMAIL}',$Email,$emailconfig->content);
    $emailconfig->content   = str_ireplace('{SUBJECT}',$Subject,$emailconfig->content);
    $emailconfig->content   = str_ireplace('{MESSAGE}',$Message,$emailconfig->content);
    $emailconfig->content  .= '<BR>IP: '.$ip;
    
 	//send to admin
 	$rs   = send_email($emailconfig->email,"",$subject,$emailconfig->content);
 	if($rs==false)
    {
        AjaxTransfer('ok','Send Email False please contact to admin');
    }
    
    $datasuccess    = getConfig('InsertReviewSuccess');
    if($datasuccess==false)
    {
        $datasuccess = getLang('Send success. Thanks your feedback!');
    }
    $datasuccess    = str_replace('{NAME}',$Name,$datasuccess);
    
	AjaxTransfer('ok',$datasuccess);
}
?>